Compromised web applications

Web applications are all programmes and sub-programmes that are accessed and used via the internet. These include, amongst other things, websites, contact forms, advertisements displayed on websites, moving images, and so on. Like all programmes, web applications also have vulnerabilities that can be exploited – or compromised – by cybercriminals for their own purposes. A web application compromised in this way can, for example, redirect a visitor to another website, offer them malware to download under false pretences, or spy on their data in order to, for example, take over their user account on the compromised website.

What does that mean in detail?

There are various terms used to describe compromised web applications. For example: web application attacks.

The most common types of attack include:

• Cross-site scripting: a vulnerability is exploited to inject a script that runs when the web application is accessed
• SQL injection: malicious SQL code is entered into an input field in the web application. If successful, the cybercriminal can access the SQL database connected to the web application
• Malvertising: Online adverts containing malware are displayed on a website.

Cybercriminals are particularly fond of exploiting vulnerabilities in widely used web applications. These include, for example, content management systems such as WordPress.

Where do I come across this issue in my day-to-day work?

In your day-to-day work, you may well come across compromised web applications time and again. For example, if you click on an interesting advert and it prompts you to update your Flash Player – and immediately provides a link to do so – you are probably dealing with a compromised web application. (Always download updates directly from the manufacturer’s website for the relevant programme and access this site manually.) But your own company website can also be compromised. For example, if cybercriminals exploit a vulnerability in your server or have obtained one or more passwords from other sources. Or, if, like many companies, you use a content management system such as WordPress: if a vulnerability in that content management system is exploited.

What can I do to improve my security?

Important rules for your own use of web applications:

• Never click on online adverts.
• Always download updates directly from the manufacturer’s website, which you should visit manually.
• Always keep your browser (e.g. Firefox, Microsoft Edge, Safari, Google Chrome) up to date; install updates as soon as possible.

Key points for your company website:

• Always keep all systems up to date; install updates as soon as possible.
• If you place advertisements, make sure they are thoroughly checked for malware and suspicious links.
• Use strong, unique passwords.
• Consider using a web application firewall.